package com.hnyfkj.jyindustry.common.oauth2;

import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.hnyfkj.jyindustry.biz.admin.service.SysUserTokenService;
import com.hnyfkj.jyindustry.biz.login.service.LoginService;
import com.hnyfkj.jyindustry.biz.sysmemberinfo.dao.SysMemberInfoDao;
import com.hnyfkj.jyindustry.biz.sysmemberinfo.entity.SysMemberInfoEntity;
import com.hnyfkj.jyindustry.biz.sysmenu.entity.SysMenuEntity;
import com.hnyfkj.jyindustry.biz.sysrole.entity.SysRoleEntity;
import com.hnyfkj.jyindustry.common.utils.ShiroUtils;

/**
 * @program: jyindustry
 * @description:常量类
 * @author: zl
 * @create: 2020-07-09 18:05
 **/
@Component
public class OAuth2Realm extends AuthorizingRealm {

	@Autowired
	SysUserTokenService sysUserTokenService;
	@Autowired
	private LoginService loginService;
	@Autowired
	private SysMemberInfoDao sysMemberInfoDao;

	@Override
	public boolean supports(final AuthenticationToken token) {
		return token instanceof UsernamePasswordToken;
	}

	/**
	 * 授权(验证权限时调用)
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(final PrincipalCollection principals) {
		// 授权认证
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		// 授予角色
		for (SysRoleEntity sysRoleEntity : loginService.getSysRoles()) {
			info.addRole(sysRoleEntity.getRoleName());
		}
		// 授予权限
		List<SysMenuEntity> sysMenuEntitys = loginService.getFullMenuUrl();
		for (SysMenuEntity sysMenuEntity : sysMenuEntitys) {
			info.addStringPermission(sysMenuEntity.getPermission());
		}
		return info;
	}

	/**
	 * 认证(登录时调用)
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(final AuthenticationToken token)
			throws AuthenticationException {
		// 输入的用户名
		String username = (String) token.getPrincipal();
		// 通过username从数据库中查找 User对象，如果找到，没找到.
		SysMemberInfoEntity sys = new SysMemberInfoEntity();
		sys.setUserName(username);
		SysMemberInfoEntity sysMemberInfoEntity = sysMemberInfoDao.selectOne(new QueryWrapper<SysMemberInfoEntity>(sys));
		if (sysMemberInfoEntity == null) {
			throw new UnknownAccountException();
		}
		if ("1".equals(sysMemberInfoEntity.getState())) {
			throw new LockedAccountException();
		}
		// 告诉 shiro 我的真正密码 和之前配置的加密算法 比对
		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(sysMemberInfoEntity,
				sysMemberInfoEntity.getPassword(), getName());
		authenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(sysMemberInfoEntity.getSalt()));
		ShiroUtils.setSessionAttribute("memberId", sysMemberInfoEntity.getMemberId());
		return authenticationInfo;
	}
}
